1. Field of the Invention
The present invention generally relates to user authentication, and more particularly to a password input and verification method for authenticating a user's identity.
2. The Prior Arts
Using password to authenticate a person's identity when he or she is requesting privileged information, services, or resources is the most commonly used security mechanism in people's daily life. Even though, as the technology advances, various new mechanisms such as using fingerprint, voice, or even retina have been proposed and applied in real life, the password-based authentication remains the most popular one, as it is effective, reliable, and simple.
Password is usually entered through a keyboard or keypad to a system and a display is often associated with such system. The user's key entry is not revealed on the display, but an asterisk “*” or some similar character is displayed in response to each entry of a character. Despite that, it is possible for a near-by observer to peek and copy the sequence of key entries.
Using a longer password is effective against peeping in that people tend to be not able to memorize correctly a long string of characters. This, however, applies to the user as well; the user would also find it difficult to memorize his or her own password. A password containing four to six alphanumeric characters is considered to be most easy to remember.
There are already a number of approaches proposed to guard against the disclosing of the password during its entry using traditional mechanism, such as those revealed in U.S. Pat. Nos. 5,428,349, 6,209,104, and 6,658,574. These solutions are all effective to some extent but, nevertheless, they present other shortcomings such as difficult to learn and comprehend by ordinary users, requiring special hardware and/or major software change to implement, etc.